Hot Patching Hot Fixes: Reflection and Perspectives

With our reliance on software continuously increasing, it is of utmost importance that it be reliable. However,complete prevention of bugs in live systems is unfortunately an impossible task due to time constraints, incomplete testing, and developers not having knowledge of the full stack. As a result, mitigating risks for systems in production through hot patching and hot fixing has become an integral part of software development. In this paper, we first give an overview of the terminology used in the literature for research on this topic. Subsequently, we build upon these findings and present our vision for an automated framework for predicting and mitigating critical software issues at runtime. Our framework combines hot patching and hot fixing research from multiple fields, in particular: software defect and vulnerability prediction, automated test generation and repair, as well as runtime patching. We hope that our vision inspires research collaboration between the different communities

Reproducibility of environment-dependent software failures: An experience report

Abstract-We investigate the dependence of software failure reproducibility on the environment in which the software is executed. The existence of such dependence is ascertained in literature, but so far it is not fully characterized. In this paper we pinpoint some of the environmental components that can affect the reproducibility of a failure and show this influence through an experimental campaign conducted on the MySQL Server software system. The set of failures of interest is drawn from MySQL's failure reports database and an experiment is designed for each of these failures. The experiments expose the influence of disk usage and level of concurrency on MySQL failure reproducibility. Furthermore, the results show that high levels of usage of these factors increase the probabilities of failure reproducibility

Recovery from failures due to Mandelbugs in IT systems

Several studies have been carried out on software bugs analysis and classification for life and mission critical systems, which include reproducible bugs called Bohrbugs, and hard to reproduce bugs called Mandelbugs. Although software reliability in IT systems has been studied for years, there are only a few formal analytic models for recovery from Mandelbugs. This paper discusses in detail several real cases of Mandelbugs and presents a simple flowchart which describes the recovery processes implemented in IT systems for a large variety of Mandelbugs. The flowchart is based on more than 10 IT systems that are running in production. The paper then presents a closed-form expression of the mean time to recovery from these bugs. Measures of interest including mean time to recovery and system unavailability are computed. A numerical and parametric sensitivity analysis of the model parameters are carried out. This analysis allows the designer to find out important parameter(s) for the recovery from failures due to Mandelbugs

Avaliação da validade externa da técnica de análise diferencial para detecção de envelhecimento de software: um estudo confirmatório com replicação

Software systems running continuously for a period of time often confront software aging. This phenomenon is related to the increase of the failure rate as the system executes. Recently, a study introduced a technique for aging detection based on differential software analysis that, through experiments under synthetic workloads with focus on memory leakage, proved superior to other approaches used in SAR. The differential analysis can distinguish between the natural behavior of aging behavior when comparing (under experiments) two versions of the same system: target version (with aging) and base version (without aging). This master's study evaluated the external validity of this approach to verify if the previous findings also applied to real applications and loads. For this purpose, 4 widely known real-world applications with memory leak bugs were selected. The activation patterns of the bugs were studieds in order to incorporate them into the representativeness characterization of the workload scenarios used. Subsequently, for each application, experimental replications were performed on the target and base versions considering the planned workload scenarios. In each replication, the RSS and HUS indicators were monitored, each composing a different time series. Then, in order to reduce the dissimilarity effects between the series, a mean time series was estimated by the DTW method for each set of replications. Finally, the mean time series of each indicator were processed through a combination of statistical techniques of trend detection and CEP, generating divergence charts for the anomalies identification. The divergence charts allow a fair comparison of the leak detection performance of each technique/indicator combination. The results showed that, unlike those previously findings with synthetic workloads, all combinations were able to detect memory leak efficiently, with no false-negatives and few false-positives rates. In addition, the trend detection techniques, in particular Hodrick Prescott (HP), were better than those of CEP. Again, the HUS indicator was superior to RSS, determining HP/HUS as the best overall combination to detect memory leakage.Dissertação (Mestrado)Sistemas de software que executam continuamente por um período de tempo podem sofrer de envelhecimento de software. Esse fenômeno está relacionado ao aumento da taxa de falha na medida em que o sistema executa. Recentemente, um estudo introduziu uma técnica para detecção do envelhecimento baseada em análise diferencial de software que, por meio de experimentos sob cargas sintéticas com foco em vazamento de memória, mostrou-se ser superior que outras abordagens utilizadas em SAR. A análise diferencial consegue distinguir entre o comportamento natural do comportamento do envelhecimento ao comparar, sob experimentos, duas versões do mesmo sistema: versão alvo (com envelhecimento) e versão base (sem envelhecimento). Esta pesquisa de mestrado avaliou a validade externa dessa abordagem para verificar se os resultados vistos anteriormente também se aplicavam frente a aplicações reais e cargas definidas através de um processo de caracterização de uso dessas aplicações. Para esta proposta, 4 aplicações reais amplamente conhecidas com bugs de vazamento de memória foram selecionadas. Os padrões de ativação de cada bug foram estudados a fim de incorporá-los na caracterização de representatividade dos cenários de cargas de trabalho utilizados. Posteriormente, para cada aplicação, replicações experimentais foram realizadas nas versões alvo e base considerando os cenários de carga de trabalho planejados. Em cada replicação, os indicadores RSS e HUS foram monitorados compondo, cada um, uma série temporal distinta. Em seguida, a fim de reduzir os efeitos de defasagem entre as séries, uma série temporal média foi estimada pelo método DTW para cada conjunto de replicações. Finalmente, as séries temporais médias de cada indicador foram processadas por meio da combinação de técnicas estatísticas de detecção de tendências e CEP, gerando gráficos de divergência para identificação de anomalias. Os gráficos de divergência permitem, de forma justa, comparar o desempenho na detecção do vazamento de cada combinação técnica/indicador. Os resultados mostraram que, diferentemente dos encontrados previamente com carga sintética, todas as combinações conseguiram detectar o vazamento de memória eficientemente, com nenhuma taxa de falso-negativos e com poucos falso-positivos. Além disso, as técnicas de detecção de tendências, em especial a de Hodrick Prescott (HP), foram melhores que as de CEP. Novamente, o indicador HUS mostrou-se superior ao RSS, determinando HP/HUS como a melhor combinação geral para detectar o vazamento de memória